2020: A Retrospective Look at Healthcare Cybersecurity

2020: A Retrospective Look at Healthcare Cybersecurity

02/18/2021

Report #: 202102181030

Agenda

? Vulnerability points in hospitals ? 2020 Healthcare overview ? a snapshot ? Ransomware ? Data Breaches ? Blackbaud ? COVID-19 and its implications for healthcare cybersecurity ? Other fraudulent activity ? References ? Questions

Image source: CSO Online

Slides Key: Non-Technical: Managerial, strategic and highlevel (general audience)

Technical: Tactical / IOCs; requiring in-depth knowledge (sysadmins, IRT)

2

Vulnerability points in hospitals

Image source: Wall Street Journal

3

A Snapshot of Healthcare in 2020

What did 2020 look like for healthcare cybersecurity?

? VMWare/Carbon Black: o 239.4 million cyberattacks attempted in 2020

? Average of 816 attempted attacks per healthcare endpoint o 9,851% increase from 2019 o Between January and February: 51% increase o Increased throughout year o Peaked September/October at 87% increase

? Emsisoft Ransomware statistics for 2020 o 560 healthcare organizations impacted

? Wall Street Journal (HHS): ~1M healthcare records breached each month last year o One breached service provider is estimated to be responsible for ~10M breached records

? Patient in Germany died when being re-routed to another healthcare facility during ransomware attack

? Ransomware-as-a-service became standardized; Double extortion became popular

? COVID-19 themed cyberattacks began along with the pandemic

Image source: Times Higher Education

"Another banner year for cybercriminals" - Emsisoft

4

Ransomware vs. Healthcare in 2020 The United States continues to be one of the most targeted countries in the world

5

Ransomware vs. Healthcare in 2020, Part 2

Noteworthy HPH ransomware targets: ? Fortune 500 Healthcare provider based out of Pennsylvania

o 250 US hospitals lost use of their systems for 3 weeks ? Health network in Vermont

o 5,000 systems disrupted o Furloughed 300 staff o Estimated costs at $1.5M/day ? May 2020: Coveware finds that ransomware causes an average of 15 days of downtime for EHRs ? Double-extortion expanded from exclusively Maze to 18 ransomware operators in 2020 ? Ransomware statistics for 2020 o 80 incidents (560 healthcare organizations impacted) o Ambulances were rerouted o Radiation treatments for cancer patients were delayed o Medical records were rendered temporarily inaccessible and, in some cases, permanently lost o Hundreds of staff were furloughed o On healthcare organization in Vermont furloughed 300 staff, estimated the cost at $1.5M/day o PHI and other sensitive data was stolen and published online in at least 12 incidents

6

Ransomware vs. Healthcare in 2020, Part 3

2020

7

Ransomware vs. Healthcare in 2020, Part 4 The usual healthcare suspects: ? Sodinokibi/Revil ? Egregor (formerly Maze) ? Ryuk ? Netwalker ? Conti ? Dopplepaymer

8

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download